Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers Arbitrary Command Execution Vulnerability
Vulnerability Description
A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker to execute arbitrary commands with root privileges. The attacker must have either a valid credential or an active session token. The vulnerability is due to lack of input validation of the HTTP payload. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based management interface of the targeted device. A successful exploit could allow the attacker to execute commands with root privileges.
CVSS Information
N/A
Vulnerability Type
可信数据的反序列化
Vulnerability Title
多款Cisco产品代码问题漏洞
Vulnerability Description
Cisco RV016 Multi-WAN VPN Router等都是美国思科(Cisco)公司的一款VPN(虚拟专用网络)路由器。 多款Cisco产品中的Web管理界面存在代码问题漏洞,该漏洞源于程序没有对HTTP payload进行输入验证。远程攻击者可通过发送恶意的HTTP请求利用该漏洞以root权限执行任意命令。以下产品及版本受到影响:使用4.2.3.10之前版本固件的Cisco RV016 Multi-WAN VPN Router;使用4.2.3.10之前版本固件的RV042 Dual WAN
CVSS Information
N/A
Vulnerability Type
N/A